ABSTRACT
For testing new methods of network security or new algorithms of security analytics, we need the experimental environments as well as the testing data which are much as possible similar to the real-world data. Therefore, the researchers are always trying to find the best approaches and recommendations of creating and simulating testbeds, because the issue of automation of the testbed creation is a crucial goal to accelerate research progress. One of the ways to generate data is simulate the user behavior on the virtual machines, but the challenge is how to describe what we want to simulate.
In this paper, we present a new approach of describing user behavior for the simulation tool. This approach meets requirements of simplicity and extensibility. And it could be used for generating user behavior scenarios to simulate them on Windows-family virtual machines. The proposed approached is applied to our developed simulation tool that we use for solving a problem of the lack of data for research in network security and security analytics areas by generating log dataset that could be used for testing new methods of network security and new algorithms of security analytics.
- Microsoft Windows Server 2012. http://www.microsoft.com/en-us/server-cloud/products/windows-server-2012-r2.Google Scholar
- Python Imaging Library. http://www.pythonware.com/products/pil.Google Scholar
- Python programming language. https://www.python.org.Google Scholar
- Virtual Network Computing. http://www.hep.phy.cam.ac.uk/vnc\_docs/index.html.Google Scholar
- VMware ESXi. http: //www.vmware.com/products/vsphere-hypervisor.Google Scholar
- Vncdotool. A command line VNC client. https://github.com/sibson/vncdotool.Google Scholar
- Windows Active Directory. http: //msdn.microsoft.com/en-us/library/bb742424.aspx.Google Scholar
- Windows PowerShell. http://technet.microsoft.com/en-us/library/bb978526.aspx.Google Scholar
- E. L. Barse, H. Kvarnström, and E. Jonsson. Synthesizing test data for fraud detection systems. In Proceedings of the 19th Annual Computer Security Applications Conference, ACSAC '03, pages 384--, Washington, DC, USA, 2003. IEEE Computer Society. Google ScholarDigital Library
- B. Braden, N. S. F. (U.S.), N. S. F. U. D. for Computer, I. Science, Engineering, N. S. F. U. A. N. Infrastructure, and R. Division. Report of NSF Workshop on Network Research Testbeds. Directorate for Computer and Information Science and Engineering (CISE), Advanced Networking Infrastructure & Research Division, 2002.Google Scholar
- L. Breslau, D. Estrin, K. R. Fall, S. Floyd, J. S. Heidemann, A. Helmy, P. Huang, S. McCanne, K. Varadhan, Y. Xu, and H. Yu. Advances in network simulation. IEEE Computer, 33(5): 59--67, 2000. Google ScholarDigital Library
- A. A. Cardenas, P. K. Manadhata, and S. P. Rajan. Big Data Analytics for Security. IEEE Security & Privacy, 11(6): 74--76, 2013. Google ScholarDigital Library
- M. Chandrasekaran, V. Sankaranarayanan, and S. J. Upadhyaya. Spycon: Emulating user activities to detect evasive spyware. In IPCCC, pages 502--509. IEEE Computer Society, 2007.Google ScholarCross Ref
- R. Chinchani, A. Muthukrishnan, M. Chandrasekaran, and S. J. Upadhyaya. Racoon: Rapidly generating user command data for anomaly detection from customizable templates. In ACSAC, pages 189--204. IEEE Computer Society, 2004. Google ScholarDigital Library
- A. Garg, S. Vidyaraman, S. Upadhyaya, and K. Kwiat. Usim: A user behavior simulation framework for training and testing idses in gui based systems. In Proceedings of the 39th Annual Symposium on Simulation, ANSS '06, pages 196--203, Washington, DC, USA, 2006. IEEE Computer Society. Google ScholarDigital Library
- R. P. Pargas, M. J. Harrold, and R. Peck. Test-data generation using genetic algorithms. Softw. Test., Verif. Reliab., 9(4): 263--282, 1999.Google ScholarCross Ref
- M. A. Whiting, J. Haack, and C. Varley. Creating realistic, scenario-based synthetic data for test and evaluation of information analytics software. In Proceedings of the 2008 Workshop on BEyond Time and Errors: Novel evaLuation Methods for Information Visualization, BELIV '08, pages 8:1--8:9, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- G. Zimmerman. Modeling and simulation of individual user behavior for building performance predictions. In Proceedings of the 2007 Summer Computer Simulation Conference, SCSC '07, pages 913--920, San Diego, CA, USA, 2007. Society for Computer Simulation International. Google ScholarDigital Library
Index Terms
Simulation user behavior on a security testbed using user behavior states graph
Recommendations
e-Shop User Preferences via User Behavior
ICETE 2014: Proceedings of the 11th International Joint Conference on e-Business and Telecommunications - Volume 2We deal with the problem of using user behavior for business relevant analytic task processing. We describe our acquaintance with preference learning from behavior data from an e-shop. Based on our experience and problems we propose a model for ...
Understanding User Behavior in Large Scale Internet Video Service
CYBERC '15: Proceedings of the 2015 International Conference on Cyber-Enabled Distributed Computing and Knowledge DiscoveryWith the rapid development of Internet video service and the continuous expansion of user scale, to dig out the user behavior patterns accurately from the user data and obtain some valuable regularities of the user behavior can help the Internet video ...
Formalizing and Integrating User Knowledge into Security Analytics
AbstractThe Internet-of-Things and ubiquitous cyber-physical systems increase the attack surface for cyber-physical attacks. They exploit technical vulnerabilities and human weaknesses to wreak havoc on organizations’ information systems, physical ...
Comments